/*
* WMA compatible decoder
- * Copyright (c) 2002 The Libav Project
+ * Copyright (c) 2002 The FFmpeg Project
*
- * This file is part of Libav.
+ * This file is part of FFmpeg.
*
- * Libav is free software; you can redistribute it and/or
+ * FFmpeg is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
- * Libav is distributed in the hope that it will be useful,
+ * FFmpeg is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
- * License along with Libav; if not, write to the Free Software
+ * License along with FFmpeg; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
s->use_bit_reservoir = flags2 & 0x0002;
s->use_variable_block_len = flags2 & 0x0004;
+ if(avctx->codec->id == CODEC_ID_WMAV2 && avctx->extradata_size >= 8){
+ if(AV_RL16(extradata+4)==0xd && s->use_variable_block_len){
+ av_log(avctx, AV_LOG_WARNING, "Disabling use_variable_block_len, if this fails contact the ffmpeg developers and send us the file\n");
+ s->use_variable_block_len= 0; // this fixes issue1503
+ }
+ }
+
+ if(avctx->channels > MAX_CHANNELS){
+ av_log(avctx, AV_LOG_ERROR, "Invalid number of channels (%d)\n", avctx->channels);
+ return -1;
+ }
+
if(ff_wma_init(avctx, flags2)<0)
return -1;
}
/* NOTE: this offset is the same as MPEG4 AAC ! */
last_exp += code - 60;
- if ((unsigned)last_exp + 60 > FF_ARRAY_ELEMS(pow_tab)) {
+ if ((unsigned)last_exp + 60 >= FF_ARRAY_ELEMS(pow_tab)) {
av_log(s->avctx, AV_LOG_ERROR, "Exponent out of range: %d\n",
last_exp);
return -1;
s->block_len_bits = s->frame_len_bits;
}
+ if (s->frame_len_bits - s->block_len_bits >= s->nb_block_sizes){
+ av_log(s->avctx, AV_LOG_ERROR, "block_len_bits not initialized to a valid value\n");
+ return -1;
+ }
+
/* now check if the block length is coherent with the frame length */
s->block_len = 1 << s->block_len_bits;
if ((s->block_pos + s->block_len) > s->frame_len){
buf_size, s->block_align);
return AVERROR_INVALIDDATA;
}
- buf_size = s->block_align;
+ if(s->block_align)
+ buf_size = s->block_align;
init_get_bits(&s->gb, buf, buf_size*8);
if (s->use_bit_reservoir) {
bit_offset = get_bits(&s->gb, s->byte_offset_bits + 3);
+ if (bit_offset > get_bits_left(&s->gb)) {
+ av_log(avctx, AV_LOG_ERROR,
+ "Invalid last frame bit offset %d > buf size %d (%d)\n",
+ bit_offset, get_bits_left(&s->gb), buf_size);
+ goto fail;
+ }
if (s->last_superframe_len > 0) {
// printf("skip=%d\n", s->last_bitoffset);
if (len > 0) {
*q++ = (get_bits)(&s->gb, len) << (8 - len);
}
+ memset(q, 0, FF_INPUT_BUFFER_PADDING_SIZE);
/* XXX: bit_offset bits into last frame */
- init_get_bits(&s->gb, s->last_superframe, MAX_CODED_SUPERFRAME_SIZE*8);
+ init_get_bits(&s->gb, s->last_superframe, s->last_superframe_len * 8 + bit_offset);
/* skip unused bits */
if (s->last_bitoffset > 0)
skip_bits(&s->gb, s->last_bitoffset);
/* read each frame starting from bit_offset */
pos = bit_offset + 4 + 4 + s->byte_offset_bits + 3;
- if (pos >= MAX_CODED_SUPERFRAME_SIZE * 8)
+ if (pos >= MAX_CODED_SUPERFRAME_SIZE * 8 || pos > buf_size * 8)
return AVERROR_INVALIDDATA;
- init_get_bits(&s->gb, buf + (pos >> 3), (MAX_CODED_SUPERFRAME_SIZE - (pos >> 3))*8);
+ init_get_bits(&s->gb, buf + (pos >> 3), (buf_size - (pos >> 3))*8);
len = pos & 7;
if (len > 0)
skip_bits(&s->gb, len);
*got_frame_ptr = 1;
*(AVFrame *)data = s->frame;
- return s->block_align;
+ return buf_size;
fail:
/* when error, we reset the bit reservoir */
s->last_superframe_len = 0;
projects / ffmpeg / blobdiff